Re: [load balancing] Alteon AD3 against codered/nimda

• Previous message: Daniel Peterson: "Re: [load balancing] Stupid Load Balancing Mistakes"
• In reply to: Benny Chee: "[load balancing] Alteon AD3 against codered/nimda"
• Next in thread: Scott Mcnamee: "RE: [load balancing] Alteon AD3 against codered/nimda"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Benny,

I don't think the Alteon load balancing family has any specific
functionality to deal with Code Red/Nimda, but you should be able to use
URL parsing to stop these attacks.

I haven't tested this, and I am sure Peter will let me know if I am wrong
:), but I think the following should work (WebOS 8.0.49):

>> Main# /cfg/slb/url/lb
------------------------------------------------------------
[Server Loadbalance Resource Menu]
      message - Set error message
      add - Add URL path for load balance
      rem - Remove URL path for load balance
      cur - Display current URL paths

>> Server Loadbalance Resource# add
Enter URL path: default.ida

>> Server Loadbalance Resource# add cmd.exe

>> Server Loadbalance Resource# add root.exe

>> Server Loadbalance Resource# apply
------------------------------------------------------------------
Apply complete; don't forget to "save" updated configuration.

>> Server Loadbalance Resource# cur
Error message:
No available server to handle this request

Number of entries: 4
1: any
2: default.ida
3: cmd.exe
4: root.exe

>> Server Loadbalance Resource#

Next, enable URL-based SLB on the virtual servers:

>> Server Loadbalance Resource# /cfg/slb/virt 1/service http/httpslb
Current HTTP SLB for vport http: disabled
New HTTP SLB for vport http: disabled
Enter enable|disable [e/d]: e
        urlslb|host|cookie|browser|urlhash|others
Select Application: urlslb

>> Virtual Server 1 http Service#

(repeat this for each VIP Instance)

As long as you don't marry those rules to a real server, requests that
match the rules should just be sent the default error message: No
available server to handle this request.

Again, I have not tested this, so I can not guarantee it will work, but,
in theory (don't you hate those words :)) it should.

allan

On Wed, 27 Feb 2002, Benny Chee wrote:

> can alteon AD3 filter codered/nimda probes? If yes, can print sample config..
>
> benny

-- 
Allan Liska
allanIZZATallan.org
http://www.allan.org
____________________
The Load Balancing Mailing List
Unsubscribe:    mailto:majordomoIZZATvegan.net?body=unsubscribe%20lb-l
Archive:        http://vegan.net/lb/archive
LBDigest:       http://lbdigest.com
MRTG with SLB:  http://vegan.net/MRTG
Hosted by:	http://www.tokkisystems.com

• Next message: Scott Mcnamee: "RE: [load balancing] Alteon AD3 against codered/nimda"
• Previous message: Daniel Peterson: "Re: [load balancing] Stupid Load Balancing Mistakes"
• In reply to: Benny Chee: "[load balancing] Alteon AD3 against codered/nimda"
• Next in thread: Scott Mcnamee: "RE: [load balancing] Alteon AD3 against codered/nimda"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 28 2002 - 09:55:09 EST